* | (__| |_| | _ <| |___
* \___|\___/|_| \_\_____|
*
- * Copyright (C) 1998 - 2012, Daniel Stenberg, <daniel@haxx.se>, et al.
+ * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
*
* This software is licensed as described in the file COPYING, which
* you should have received as part of this distribution. The terms
- * are also available at http://curl.haxx.se/docs/copyright.html.
+ * are also available at https://curl.haxx.se/docs/copyright.html.
*
* You may opt to use, copy, modify, merge, publish, distribute and/or sell
* copies of the Software, and permit persons to whom the Software is
* KIND, either express or implied.
*
***************************************************************************/
+/* <DESC>
+ * Shows HTTPS usage with client certs and optional ssl engine use.
+ * </DESC>
+ */
#include <stdio.h>
#include <curl/curl.h>
int main(void)
{
- int i;
CURL *curl;
CURLcode res;
FILE *headerfile;
static const char *pCertFile = "testcert.pem";
static const char *pCACertFile="cacert.pem";
+ static const char *pHeaderFile = "dumpit";
const char *pKeyName;
const char *pKeyType;
pEngine = NULL;
#endif
- headerfile = fopen("dumpit", "w");
+ headerfile = fopen(pHeaderFile, "wb");
curl_global_init(CURL_GLOBAL_DEFAULT);
curl_easy_setopt(curl, CURLOPT_URL, "HTTPS://your.favourite.ssl.site");
curl_easy_setopt(curl, CURLOPT_HEADERDATA, headerfile);
- for(i = 0; i < 1; i++) /* single-iteration loop, just to break out from */
- {
- if (pEngine) /* use crypto engine */
- {
- if (curl_easy_setopt(curl, CURLOPT_SSLENGINE,pEngine) != CURLE_OK)
- { /* load the crypto engine */
- fprintf(stderr,"can't set crypto engine\n");
+ do { /* dummy loop, just to break out from */
+ if(pEngine) {
+ /* use crypto engine */
+ if(curl_easy_setopt(curl, CURLOPT_SSLENGINE, pEngine) != CURLE_OK) {
+ /* load the crypto engine */
+ fprintf(stderr, "can't set crypto engine\n");
break;
}
- if (curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT,1L) != CURLE_OK)
- { /* set the crypto engine as default */
+ if(curl_easy_setopt(curl, CURLOPT_SSLENGINE_DEFAULT, 1L) != CURLE_OK) {
+ /* set the crypto engine as default */
/* only needed for the first time you load
a engine in a curl object... */
- fprintf(stderr,"can't set crypto engine as default\n");
+ fprintf(stderr, "can't set crypto engine as default\n");
break;
}
}
/* cert is stored PEM coded in file... */
/* since PEM is default, we needn't set it for PEM */
- curl_easy_setopt(curl,CURLOPT_SSLCERTTYPE,"PEM");
+ curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
/* set the cert for client authentication */
- curl_easy_setopt(curl,CURLOPT_SSLCERT,pCertFile);
+ curl_easy_setopt(curl, CURLOPT_SSLCERT, pCertFile);
/* sorry, for engine we must set the passphrase
(if the key has one...) */
- if (pPassphrase)
- curl_easy_setopt(curl,CURLOPT_KEYPASSWD,pPassphrase);
+ if(pPassphrase)
+ curl_easy_setopt(curl, CURLOPT_KEYPASSWD, pPassphrase);
/* if we use a key stored in a crypto engine,
we must set the key type to "ENG" */
- curl_easy_setopt(curl,CURLOPT_SSLKEYTYPE,pKeyType);
+ curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, pKeyType);
/* set the private key (file or ID in engine) */
- curl_easy_setopt(curl,CURLOPT_SSLKEY,pKeyName);
+ curl_easy_setopt(curl, CURLOPT_SSLKEY, pKeyName);
/* set the file with the certs vaildating the server */
- curl_easy_setopt(curl,CURLOPT_CAINFO,pCACertFile);
+ curl_easy_setopt(curl, CURLOPT_CAINFO, pCACertFile);
/* disconnect if we can't validate server's cert */
- curl_easy_setopt(curl,CURLOPT_SSL_VERIFYPEER,1L);
+ curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1L);
/* Perform the request, res will get the return code */
res = curl_easy_perform(curl);
curl_easy_strerror(res));
/* we are done... */
- }
+ } while(0);
/* always cleanup */
curl_easy_cleanup(curl);
}
projects / platform / upstream / curl.git / blobdiff